Yeah, I know how to view the source, but there is no mention of the original page in there. Seriously, if I hadn't guessed it I'd never be able to move on. I must be missing something here... i NEED TO KNOW WHERE THE INFO FOR THE ORIGINAL PAGE IS STORED!!!

-- Wed Nov 20, 2013 11:33 am --

Ok, so I've resorted to trawling the internet for answers, because this is annoying me. I don't want help completing the level, I just want to know where to find the name of the original web page. And guess what - everywhere seems to say that it is in a comment in the page source. This comment does not exist. Has the website been re-written recently or something?

Now, I do the Basic Missions, 70% with forum help. In the realistic mission, the first two were soooo much difficult to me... I have to try everything before succed. My questions is, how do I realize what to do? How I can know that I must use Dir Trav or SQL Iny or that things? 'Cause the problem is not how to do it (I can read), the problem is WHAT to do.

So, if you can help me to understand how to find the WHAT, instead the WHO, i'll be pleased.

Well the point of the the realistic ones is that the environment is more like something you would find in the the wild...

To be able to discover weaknesses you need to know them first. Someone who has never herd of SQLi before wont know that a form connected to a database could be vulnerable. Where as if you know about it you can try and possibly succeed.

The best thing for figuring out possible vulnerabilities is to learn already common ones and also tinker to discover new ones.

Side note: You cant expect to do all of the missions on HTS at once. Especially when you are still learning. If you needed help with 70% of the basic problems, then you obviously needed to do some more practice and read about the topics more.

Hi, finally finished but I spent so long going down the wrong path I'd like to ask if my idea would have worked:

I planned to use the submission form to overwrite Hacker with an SSI containing the bash move command so that when I opened the Hacker poem the command would execute and oldindex would be moved and overwrite index.

Does this sound like a viable alternative? I think the hint about remembering Basic 8 & 9 is what really threw me.